[Samba] 3.0.1rc2 LDAP - problems joining domain

Greg Dickie greg at max-t.com
Mon Dec 15 19:53:39 GMT 2003


yup. saw that after I reported it and downgraded.=20
thanks very much,
Greg

On Monday 15 December 2003 02:45 pm, you wrote:
> You are not the only one have this problem, the samba team is working
> to fix this.
>
> I had the same problem, downgraded to 3.0.1pre3 and it works.
>
> Charles Hamel
>
> On 03-12-15, at 11:48, Greg Dickie wrote:
> > Hi,
> >
> >   I'm back on the list ;-)
> >   I seem to be having some trouble getting W2K machines to join the
> > domain in
> > 3.0.1rc2. I haven't looked at this in detail since 2.2.8a but it looks
> > like
> > the account gets created in LDAP and then it has trouble setting the
> > password
> > appropriately. I believe this is the relevant part of the log:
> >
> >  api_rpcTNP: samr op 0x3a - api_rpcTNP: rpc command: SAMR_SET_USERINFO
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_debug(82)
> >   000000 samr_io_q_set_userinfo
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint32(635)
> >           0000 data1: 00000000
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint32(635)
> >           0004 data2: 00000008
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint16(606)
> >           0008 data3: 0000
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint16(606)
> >           000a data4: 0000
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint8s(722)
> >           000c data5: 71 e1 dd 3f 61 70 00 00
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint16(606)
> >       0014 switch_value: 0018
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint16(606)
> >           0016 switch_value: 0018
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_uint8s(722)
> >               0018 password: 2d 71 6b 2a f1 b4 66 69 84 2b 0c ec 88 4d
> > 53 90
> > 21 b8 a9 99 47 86 d2 81 67 6b a3 ac 11 3d 30 31 e6 5d 54 4e ae c1 7e
> > a6 85 eb
> > 7f 9c 33 be 4e 62 60 5c f4 9b aa b3 87 fa 03 cc b7 be 0d ab 1c 62 07
> > 34 63 37
> > dc 27 3b f7 d8 69 70 b6 b3 18 dd e6 aa ec 8a 53 98 9a a9 2d 93 f8 da
> > b7 83 be
> > 6d 5f ed e0 bc fd c0 d7 6f 9e 6c 5b d5 2b 94 86 52 f2 4a ce c0 54 3e
> > 25 8d 91
> > 42 0d 08 a4 9f 8c 3b 05 2f bd 60 c2 eb 57 c6 8d 0b 43 aa 48 49 32 30
> > 1f a8 71
> > 22 b7 e7 5e 73 c5 d2 8b 33 9b b3 e4 64 b9 18 9f 22 86 f2 d7 78 bc 37
> > 0b cb da
> > 09 b2 88 42 0a 5e 91 8c 3d eb 1f fb 97 06 54 f6 04 92 40 d4 8a b0 34
> > b9 5c 02
> > 73 e0 34 95 b0 e2 dd 57 44 30 45 6b 10 ca a0 19 40 9c 26 f5 ad 15 ac
> > a9 5a 43
> > ca 9b 7e cb 30 de fe 77 24 13 ea 75 ea c3 c2 46 de c7 be 2a dd 68 dc
> > 49 ad 12
> > 73 94 98 cd 8a 3d f5 e4 dd 07 d3 0f 8a 7f ce 95 d4 2c 0f 64 4c 51 ac
> > 98 28 21
> > e7 0d 7e 4a ea 5b 72 d7 e7 e8 a6 9b ec fb b7 56 b6 7e 09 fe 0c 47 a5
> > 02 e9 03
> > ec bb 99 b3 6c 96 92 d9 12 f7 71 d0 6b c9 44 87 5a 45 44 c3 7b d6 e2
> > 4b b1 a3
> > 19 8b 08 2 +>
> >   4 4d b0 91 e0 1a 37 37 30 59 5e e3 5b d9 a0 c2 89 da 5a d5 23 a9 37
> > c4 36 bd
> > d0 72 29 45 c1 ee 12 88 bf 30 89 32 de 20 9e 61 fc 81 7e 27 4f 2a a3
> > b0 b6 c7
> > 2d 5f e3 43 45 3f 57 f6 a2 31 56 32 cf eb e0 dd 5d 8a bd 4e ce 64 d1
> > 83 d7 87
> > 95 53 d0 ef e0 18 7d ed c9 c4 d3 1c 48 6c b5 17 dc 69 27 2c 1c b5 b7
> > db d9 34
> > 09 21 c0 d4 98 1e fe 9f 0f 67 f3 ca f6 52 13 d8 27 e8 52 99 20 e0 ba
> > a7 49 66
> > 90 ac dc 4a cb ba d8 cd cf 66 e1 0e 53 0b 24 22 d1 4d 6f 86 d0 7f aa
> > a2 24 cc
> > 70 34 cc cb 4b 29 a4 cd 1f 9d f5 6a c2 70 15 12 5c 86 b8 79 6c 64 89
> > 21 62 7a
> > a2 18 f9
> > [2003/12/15 11:29:37, 5]
> > rpc_server/srv_samr_nt.c:_samr_set_userinfo(2937)
> >   _samr_set_userinfo: 2937
> > [2003/12/15 11:29:37, 4]
> > rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
> >   Found policy hnd[0] [000] 00 00 00 00 08 00 00 00  00 00 00 00 71 E1
> > DD 3F
> > ........ ....q=A1Z?
> >   [010] 61 70 00 00                                       ap..
> > [2003/12/15 11:29:37, 5]
> > rpc_server/srv_samr_nt.c:access_check_samr_function(105)
> >   _samr_set_userinfo: access check ((granted: 0x000000b0;  required:
> > 0x00000024)
> > [2003/12/15 11:29:37, 4]
> > rpc_server/srv_samr_nt.c:access_check_samr_function(109)
> >   _samr_set_userinfo: ACCESS should be DENIED (granted: 0x000000b0;
> > required:
> > 0x00000024)
> >   but overwritten by euid =3D=3D 0
> > [2003/12/15 11:29:37, 5]
> > rpc_server/srv_samr_nt.c:_samr_set_userinfo(2950)
> >   _samr_set_userinfo:
> > sid:S-1-5-21-2656636599-2098491866-229994164-3044,
> > level:24
> > [2003/12/15 11:29:37, 2] lib/smbldap.c:smbldap_search_suffix(1068)
> >   smbldap_search_suffix: searching
> > for:[(&(sambaSID=3DS-1-5-21-2656636599-2098491866-229994164
> > -3044)(objectclass=3DsambaSamAccount))]
> > [2003/12/15 11:29:37, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
> >   init_sam_from_ldap: Entry found for user: gt1$
> > [2003/12/15 11:29:37, 5]
> > rpc_server/srv_samr_nt.c:set_user_info_pw(2877)
> >   Attempting administrator password change for user gt1$
> > [2003/12/15 11:29:37, 0] libsmb/smbencrypt.c:decode_pw_buffer(501)
> >   decode_pw_buffer: incorrect password length (-2128390977).
> > [2003/12/15 11:29:37, 0] libsmb/smbencrypt.c:decode_pw_buffer(502)
> >   decode_pw_buffer: check that 'encrypt passwords =3D yes'
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_debug(82)
> >   000000 samr_io_r_set_userinfo
> > [2003/12/15 11:29:37, 5] rpc_parse/parse_prs.c:prs_ntstatus(664)
> >       0000 status: NT_STATUS_ACCESS_DENIED
> > [2003/12/15 11:29:37, 5] rpc_server/srv_pipe.c:api_rpcTNP(1549)
> >   api_rpcTNP: called samr successfully
> >
> >
> > In particular, I find the decode_pw_buffer warnings to be troubling
> > (there are
> > no passwords in the LDAP entry at this point). Perhaps an initialized
> > variable? Any help would be most appreciated.
> >
> > regards,
> > Greg
> >
> >
> > --
> > Greg Dickie
> > just a guy
> > Maximum Throughput
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba

=2D-=20
Greg Dickie
just a guy
Maximum Throughput



More information about the samba mailing list